No User Authentication for support pages

Similar Messages

• User Authentication for subfolder not working in Web Browser

  We are using Oracle Application Server 10.1.2.3 and Database Server 10.2.0.5 for our application.
  One of the functionalities of the Application is to send emails with attachments.
  The logic is that the Application would generate the attachment file on the Application Server.
  Then a database package uses Oracle's utl_http package/procedures(more specifically utl_http.request_pieces where the single argument is a URL) to pick up the file from the Application Server via URL, attach the file and send the email.
  Exchange and Relay Server is also set in the Application.
  The problem is that the folder containing the folder which stores the attachments is having user authentication set.
  Example : The main folder is /apps/interface, this folder requires a valid user when it is accessed via URL on a web browser.
  Alias created in httpd.conf
  Alias /int-dir/ "/apps/interface/"
  The folder /apps/interface/email/ is the folder where the attachment files are generated and stored.
  Application Server : 10.12.213.21
  Database Server : 10.12.213.22
  Email Server : 10.12.213.44
  Configuration as per httpd.conf
  Alias /int-dir/ "/apps/interface/"
  <Location /int-dir/>
  AuthName "Interface folder"
  AuthType Basic
  AuthUserFile "/u01/app/oracle/as10g/oasmid/Apache/Apache/conf/.htpasswd"
  require user scott
  </Location>
  <Location /int-dir/email>
  Options Indexes Multiviews IncludesNoExec
       Order deny,allow
       Deny from all
       Allow from 10.12.213.21
       Allow from 10.12.213.22
       Allow from 10.12.213.44
  </Location>
  Using the above configuration the Application is able to attach the files and send the email, however, when we access the following URL :
  http://10.12.213.21:7778/int-dir/ - it prompts for user authentication
  However if we use the following URL :
  http://10.12.213.21:7778/int-dir/email/ - it does not prompt for user authentication, and all the files in the folder are displayed in the browser.
  I have tried so many things including AllowOverride, .htaccess, but i am not able to get user authentication for the email folder.
  Please help me if you can.
  Thanking you in advance,
  GLad to give any more information that i can.
  dxbrocky

  Thanks for your response.  I fixed the problem by selecting "full site" or "full website" at bottom of the web page.  After making this selection the zoom function returned.  Thanks again for your interest.

• Error in eRecruitment configuration step Define user list for support teams

  Hi Erecruitment experts,
  I am new to SAP Erecruitment and trying to get the system running in ERP 6.00 with EP7.
  When I progress the customising steps under technical settings -->User administration --> Define user list for support teams, I am facing problem of ABAP Dump.
  It says
  Error in the ABAP Application Program
  The current ABAP program "SAPLHR_RCF_CUST_01" had to be terminated because it
  has come across a statement that unfortunately cannot be executed.
  Key words are
  "MESSAGE_TYPE_UNKNOWN" " "
  "SAPLHR_RCF_CUST_01" or "RCF_CUST_F01"
  "CHECK_VALID_USR"
  I think there is a link between Object types CP, BP and relation ships A650, A209 etc in this process.
  Can some one guide me how to overcome this error.
  Tks
  Dhina

  Hi all
  I got them fixed, as they are due to BP creation integration issue.
  Thanks and regards
  Dhina

• "Sharepoint 2013" is giving error that prevents local domain users authentication for "Team Foundation Server"

  I am getting 2 errors through the event viewer that prevents TFS 2013 authentication for local domain users, also this error started appearing after having TFS upgraded to [ 12.0.30723.0 (Tfs2013.Update3) ].
  1st Error (from administrative events):
  The Execute method of job definition Microsoft.SharePoint.Administration.SPUsageImportJobDefinition (ID a51a0244-765d-433b-8502-0bb0540ad1fd) threw an exception. More information is included below.
  Access to the path 'C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\LOGS' is denied.
  Tried so far:-
  - changed the path to another folder from "Diagnostic Logging" in another drive, but still getting the same error.
  2nd Error (from application server):
  DistributedCOM error
  The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
  {000C101C-0000-0000-C000-000000000046}
   and APPID 
  {000C101C-0000-0000-C000-000000000046}
   to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
  Which I already got fixed using the following steps on a thread I opened before (but still getting the same error).
  https://social.technet.microsoft.com/Forums/windows/en-US/3896e35c-b99a-4d30-b662-f92d337c8d6f/windows-servers-components-services-and-regedit-permissions-are-grayed-out-for-my-admin-account?forum=winservergen
  Other Fixes I tried
  - Found on another topic that it is not sharepoint that is causing the problem, but it is the generated ASP.NET web pages used for testing is causing the memory to fill up due to cashing on RAM, the fix suggested to change IIS cashing from RAM to HD to prevent
  loading up using w3wp.exe from processes. 
  Concern
  - by checking other topics for people having the same problem, it was mentioned that this error appeared after the lastest TFS update, is there is a fix for it ?

  Hi Kpdn, 
  Thanks for your post.
  All your participation and support are very important to build such harmonious/ pleasant / learning environment for MSDN community.
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• How to stop Firefox demanding authentication for each page of the same website (IE does not do this for the same site))

  I have a website (Still being developed but at the testing stage) which works fine in IE but when viewed in Firefox It insists on authentication at every page, instead of just one login it repeats the login at every page.

  Hi,
  If it's Basic auth, please check if this happens in a [https://support.mozilla.org/en-US/kb/Managing-profiles new profile]. If it's okay, you can later [https://support.mozilla.org/en-US/kb/Recovering%20important%20data%20from%20an%20old%20profile?s=profile&r=1&e=sph&as=s copy the needed personal data] from the old profile. Firefox stores your personal data and settings in another location separate from its [http://kb.mozillazine.org/Installation_directory files/folder]. A new profile would have the default Firefox settings ('''Tools''' ('''Alt''' + '''T''') > [https://support.mozilla.org/en-US/kb/Options%20window '''Options'''], and [http://kb.mozillazine.org/About:config about:config] ), and usually would also be empty of any '''Extensions''' and themes ('''Appearance''') in Tools > Add-ons) and their settings. Also, a new profile would have no previous stored website data/settings etc., ('''Tools''' > [https://support.mozilla.org/en-US/kb/Clear%20Recent%20History '''Clear Recent History''']).
  [https://support.mozilla.org/en-US/kb/Profiles?s=profile&r=2&e=sph&as=s Profiles Howto]
  [http://kb.mozillazine.org/Profile_folder_-_Firefox Profile Folder & Files]
  [http://kb.mozillazine.org/About:config_entries about:config Entries]
  For NTLM authentication, you can try to automatically trust the domain in the [http://kb.mozillazine.org/Network.automatic-ntlm-auth.trusted-uris network.automatic-ntlm-auth.trusted-uris] list in [http://kb.mozillazine.org/About:config about:config], eg. domain.com
  Not sure, but for Kerberos, I think you would have to use '''network.negotiate-auth.trusted-uris''' instead.

• SUP user authentication for web services

  Hi there.
  Has anyone in the comunity had any experience with building Web Service based Mobile Business Object (MBO) in SUP 1.5.2. We have built a mobile application for a blackberry device which consumes two ERP web services. The application deploys successfully and runs on the blackberry device just fine. However, untill now the user credentials needed to authenticate a consumer to a web service has been hard-coded into the mobile business object. This, from an accountability point of view, is not an acceptible model (i.e. all mobile users would be logging in to the ERP backend with 1 common user ID).
  Has anyone had any experience and could suggest an an alternative solution to this that would support accountability i.e. map SUP users to ERP users, trusted connections etc. and is this possible with SUP 1.5.2?
  S

  Actually, SUP 1.5.2 just provides the HTTP basic authentication for WS-MBO. It is enable that to create 'username' and 'password' on the WS-MBO as two input parameters. Thus, you can design your device app in SUP to prompt the dialog to accpet the username and password before you access your WS-MBO. Similar, if your web-service has input argument for username and password, you also can design a dialog like above.

• User authentication for webservices

  Hi,
  I am using Oracle R12.
  I want to know how oracle handles user authentication when calling custom APIs through Integrated SOA Gateway.
  I know that we are using security headers to do this.  The header part is given below.
     <soapenv:Header>
       <xx:SOAHeader>
          <xx:Responsibility>INVENTORY_VISION_OPERATIONS</xx:Responsibility>
          <xx:RespApplication>INV</xx:RespApplication>
          <xx:SecurityGroup>STANDARD</xx:SecurityGroup>
          <xx:NLSLanguage>AMERICAN</xx:NLSLanguage>
          <xx:Org_Id>204</xx:Org_Id>
       </xx:SOAHeader>
       <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
          <wsse:UsernameToken wsu:Id="UsernameToken-1">
             <wsse:Username>uname</wsse:Username>
             <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
             <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rerr6et6eHFV</wsse:Nonce>
             <wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
          </wsse:UsernameToken>
       </wsse:Security>
    </soapenv:Header>
  But when a person is simply logging in to the application how can we choose a responsibility without know what responsibilities a person has?
  The  <xx:SOAHeader></xx:SOAHeader> is not mandatory. So can i simply not pass this header? Or is there a default responsibility that can be specified for all users?
  Also in what scenarios is the <wsse:Security> header not required? I recently checked and found that even without providing the Security header, it is possible to execute service in ISG. Hence the question.
  Thanks,
  Anoop

  Hi,
  Ok, so you want to know for an user , what responsibility you should use in order to be able to perform the invocation?
  Here is an example for Sysadmin user
  Select usr.user_name,usr.user_id, resp.RESPONSIBILITY_NAME ,
  resp.RESPONSIBILITY_KEY, grp.SECURITY_GROUP_KEY, grp.SECURITY_GROUP_ID,
  APP.APPLICATION_SHORT_NAME ,APP.APPLICATION_ID
  From FND_USER_RESP_GROUPS furg, FND_USER usr, fnd_responsibility_vl
  resp,FND_SECURITY_GROUPS grp,FND_APPLICATION APP
  where furg.user_id=usr.user_id
  and furg.RESPONSIBILITY_ID=resp.RESPONSIBILITY_ID
  and furg.SECURITY_GROUP_ID=grp.SECURITY_GROUP_ID
  and furg.RESPONSIBILITY_APPLICATION_ID=APP.APPLICATION_ID
  and usr.user_name='SYSADMIN'
  regards
  Mihai

• User Authentication for Internet access

  Hi,
  Is it possible to configure authentication for internal (LAN) users to Authenticate (local/RADIUS/LDAP) for any kind of internet access through the ISA550/570? (like cut-through authentication proxy in ASA.)
  And Can the ISA550/570 act as a Web proxy?
  Thanks in advance.

  HI Sulu,
  You can configure captive portal for internal LAN users to authenticate (local/Radius/LDAP) for internet
  access through ISA500. (see attached screenshot)
  ISA500 cannot act as a web proxy. what is your use case ?
  Regards,
  Wei

• User Authentication for Web Services

  Hi,
  I am developing a web services that resides in Intranet. Thus, would like to implement application layer of user authetication, i.e. to match the input user name and password against Database record through a web service logon() method. If authentication is passed, the client program is allowed to call subsequence web service methods, else exception needs to be thrown when calling subsequence methods.
  As understand that each method call to web services is treated seperately. Thus, how can we implement the authentication so that the client program only passes in the user name and password at once through logon() method, instead of perfoming the authentication for each method?
  Appreciate the advice. Thanks.

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• Status Profile and User Status  for Support Message

  Hi All,
  We need to customize Status Profile and User Status Specifc  to customer requriments.
  we need the following Status for Support Message:
  Open
  Accepted
  Rejected
  Fixed
  Retest
  Closed
  Note:
  1] Only the Message creator should be able Set staus Open and Closed
  2]  Message Processor should only set status Accepted, Rejected, Fixed and Retest
  I have created the Status Profile in BS02.
  Can some one help me the steps or guide how to implement the above logic and restrict the status access between Message Creator and Message Processor
  Thanks!
  Regards,
  Pradeep  L

  > 1] Do i have to create different Auth.key for Message processor and Message creator and then assing them in BS02 to Status Profile?
         Anand: Diffrent authorization key for different statues......not for message processor and creator
  > 2] Now how do i assign this Auth.Key to the Auth Object B_USERSTAT?
         Anand: Using Tcode PFCG, this can be done.... Consult Basis.....
  >     do i have to create a new Zrole and assign or is there any other way.
         Anand: Yes u need to create a Z role and include that authorization objects in that z role....
         so u might have to create 2 Zroles and then assign them to the persons concerned....
  Inspire ppl by rewarding
  Regards,
  Anand...

• User Permissions for certain pages only possible?

  I have a client interested in BC but I need to know if they can assign user edit permissions for certain pages to certain users? For example lets say they have pages  A B C D E F and they want Tom to be able to edit A B & C but not D E F and they need Sally to be able to edit D E & F but not A B & C. Is this possible with BC?

  Hi,
  The option is to use and set a workflow for "content approval" to each page.
  Site settings -> manage workflows
  "You can attach a workflow approval process to any web page or template. When an approval is attached to a web page or template, then all changes must be approved by predesignated users of the system before they go live. To attach a workflow to an item, click on the 'More Options' link and choose a workflow."
  Site manager -> pages -> more options
  Hope this helps!
  -Sidney

• User authentication for menus..

  Hi Everyone,
  I am doing a project for my office to maintain inventory, I want to implement user rights for the menus..
  I would appreciate if any help me out...
  Thanks in advance..
  Regards,
  Irsath Ahamed.

  Al-Salamu Alikum ya Ahmed...
  1. Create your menu.
  2. Think of your security concept and create the resulting DB-Roles. Grant
  the roles to the users.
  3. Choose Menu-Property MENU MODULE ROLES
    and enter the names of the DB-Roles you created.
  4. Choose Menu-Property USE SECURITY and set to TRUE.
  The command to grant a role to a dbuser is
  GRANT <ROLENAME> TO <USERNAME>;
  5. Choose a Menu Item (or Submenu Item)
  choose MENU ITEM ROLES Property and highlight (blue) the
      Roles you want to give access to the menu item.
  (you can highlight more than one with Shift-Key)
  Grant roles access to individual menu items (using the Menu Item Roles property).
  6. Compile  and Generate the menu module.
  7. Compile and Generate  the form module.and then forms checks which roles are assigned to the connected user & which menuitems (forms & parameter forms of reports) should be shown to the user.
  If u Google u will find many...
  Pls have a look here
  http://www.orafaq.com/forum/t/157310/0/
  http://www.orafaq.com/forum/t/62786/2/
  Runtime Forms .FMX
  http://download.oracle.com/docs/cd/B25329_01/doc/admin.102/b25107/users_secure.htm
  Hope this helps...
  Regards,
  Amatu Allah.

• User Authentication for CUIC co-resident with UCCX

  We are running UCCX 9.0.2 and have been using the HRC for reporting, but I'd like to switch us over to the version of CUIC that is built-in to UCCX.  I flipped us over to that after hours to take a look through it and get an idea what I'll need to do to get things working before permanently switching us off of HRC.
  One thing I'm having trouble with is that the authentication doesn't appear to be AD based like UCCX is.  It automatically imported all of the supervisors and administrators that have access to UCCX (including me), but I'm not able to log in with anything other than the platform admin user name and password.  I used the platform admin user name and password to get in and view everything and make a few changes.  I added my account to the admin group and assigned the System Configuration Administrator and Security Administrator roles to myself.  (see screenshot)
  I noticed the format it shows for my user name is CCX\tyson.shroyer and it doesn't show a field for a password anywhere.  I tried logging in using CCX\tyson.shroyer as my user name and the password for my AD account (which is what I use to log in to UCCX) and it doesn't work.  I tried it without CCX\ in the user name and it still didn't work.  I tried leaving the password blank...no dice.  No combination of user name and password gets me in.
  I've looked all over trying to find some info and documentation specifically for the version of CUIC that's built-in with CCX 9.x and above, but everything I find (SRNC, Admin Guide, etc) is specific to CUIC Premium which I know would be on a separate server and appears to have a different method of administration.  That documentation mentions accessing an OAMP page for all of the system administration tasks.  I tried going to the path for the OAMP page as specified in the documentation and it doesn't appear to be available.  I'm not sure if it just isn't part of this version or not.
  Anyway, I'd greatly appreciate any info you could provide on making this switch.  I'd prefer to get it integrated with AD just like the rest of the UC environment is, but at this point I'd settle for at least being able to get logged in with a user account.  Thanks in advance everyone!

  Hi
  Are you able to try the LDAP option in the login page
  https://<IPAddress>:8444/cuic/Login.htmx;jsessionid=BB18708EA5C507AD7CF6512898C6FC5F

• How do I get the user information for a page?

  I would like to display information about the person that created a page in CQ.  I know I can get the createdBy information from the page properties, but how can I turn that into a user object where I can get more detialed information about that user?

  If you are within an OSGi bundle you can use the SlingRepository Service. Now it depends how you develop your OSGi services and components. I use the maven scr plugin for this. With this plugin it is possible to get references to services with java annotaions.
  Example:
  @Component(name="SampleService",
          label = "SampleService",
          description = "SampleService",
          immediate = true, enabled = true, metatype = true)
  @Services({ @Service(value = SampleService.class) })
  @Properties({
  @Property(name = "service.description", value = "SampleService"),
  @Property(name = "service.vendor", value = ") })
  public class SampleServiceImpl implements SampleService
  @Reference(policy = ReferencePolicy.STATIC)
  private SlingRepository repository;
      public void openAdminSession() {
          Session session = null;
          if (repository != null) {
              try {
                  session = repository.loginAdministrative(null);
                  //do something here
              } catch (RepositoryException e) {
                  LOG.error("Unable to open admin session:" + e.toString());
              } finally{
                                            if(session != null){
                        session.logout();
  To access a service from a JSP page you can use the reference of the SlingScriptHelper. You have to use the <cq:defineObjects/> tag.
  Example jsp:
  <cq:defineObjects/>
  SlingRepository repository = sling.getService(SlingRepository.class);
  Session session = null;
          if (repository != null) {
              try {
                  session = repository.loginAdministrative(null);
                  //do something here
              } catch (RepositoryException e) {
                  LOG.error("Unable to open admin session:" + e.toString());
              } finally{
                                            if(session != null){
                        session.logout();

• User Authentication for AppleScript

  Is there a way to authenticate an AppleScript with admin privileges?
  I have a script that messes with a certain application and admin authentication may be needed for standard users.
  Thanks for any input.

  For shell scripts there is a way
  <pre style="margin: 0px; border: 1px solid #aaa; color:#000; background-color: #ccc; overflow: auto; font-family: Verdana, Monaco, monospace;"> do shell script "blafasel" password "yourpassword" user name "youradminusername" with administrator privileges</pre>
  perhaps you can open another script app then like:
  <pre style="margin: 0px; border: 1px solid #aaa; color:#000; background-color: #ccc; overflow: auto; font-family: Verdana, Monaco, monospace;"> do shell script "open ~/myscriptapp.app" password "yourpassword" user name "youradminusername" with administrator privileges</pre>
  or you run the script via the osascript-command. Type +*man osascript*+ in your terminal for more information